Ensuring that data is securely communicated between computers continues to be a concern. For instance, an attacker may intercept communications (e.g., by conducting a man-in-the-middle attack) and infer the identity a client computer or a server computer based on public keys or other data that are exchanged unencrypted. The intercepted data could be used to track the computers or used for illicit purposes. However, preventing the computer's identity from being tracked while still allowing the computer to authenticate itself can be problematic because the authentication can depend on the computer identifying itself. In addition, the encryption keys on the computers performing the communications may later become compromised, enabling an attacker to decrypt previously intercepted communications. Conducting secure, non-traceable, and authenticatable communications while ensuring the security of past communications can pose a challenge.
Embodiments of the present invention address these and other problems individually and collectively.